1. Field of the Invention
The present invention is directed to providing information on the activities of network devices having unique addresses. In particular, the invention is directed to providing a mechanism for owners of IPs or IP blocks to obtain information such email usage statistics on the activities of computers at that IP or within their IP blocks.
2. Description of the Related Art
Generally, large enterprises such as corporations, universities, and (Internet Service Providers) ISPs, own large quantities of Internet protocol addresses. Two versions of IP exist in use today. Nearly all networks use IP version 4 (IPv4), but an increasing number of educational and research networks have adopted the next generation IP version 6 (IPv6). For owners of large IP blocks, maintaining information on the activities of computers within those blocks is difficult. For example, ISPs may sell or lease IPs or blocks to individuals or organizations, and provide additional services to users of their IPs. However, there is no truly effective means for them to audit user activities other than receiving reports from outside agencies on the use of those IPs.
The most common use of the Internet is communication via electronic mail. One of the most common forms of email is provided by Email Service Providers (ESPs) such as Yahoo! Mail, Microsoft Hotmail, Google GMail, and other free Web-based email services. Each of these providers aggregates a large number of messages which are inbound to the providers, many of which are spam or unsolicited bulk-email messages. spam is thus a major concern for ESPs and each implements some form of spam filtering and protection for users. Large scale ESPs can stop a limited amount of spam using various spam detection mechanisms, including comparing the sending IP address to a list of known spammer addresses or confirming the validity of the sending IP address with a Domain Name Service (DNS) server. Though typical anti-spam applications remove a portion of incoming spam from user accounts, they do not prevent all UBE from being delivered to user email accounts. For owners of large IP blocks, spam email can be as much of a problem as it is for ESPs because of the increased network bandwidth consumption, customer complaints when blacklisted, and a bad corporate reputation.
Originators of spam try to harness the resources of as many machines as they can to send their messages. Generally, spammers hide the origin of spam by utilizing unsuspecting servers on the Internet, known as zombies. Spammers can flood large mail processing systems to the point where insufficient bandwidth is available to process legitimate email. ISPs and other owners of large IP blocks cannot monitor every machine within the IP block, and the manner in which various spyware, and zombie email re-mailers work—by inserting themselves on machines without knowledge of the ISP or the machine's owner—make them difficult to find.
When a message is received by an email service provider (ESP), information relating to the Internet protocol (IP) address of the sender of the message is obtained by the receiving email system. With these ESPs receiving large volumes of email, in some cases up to 3,000,000 messages a day, a large quantity of data on which servers IP addresses information is coming from.
Providing a system which would give IP block owners information about the machines within their address block from the perspective of a system or systems outside that block which interacts with the block would be useful to both the block owner and the end user.